|
version 1.11, 2003/06/18 19:44:22
|
version 1.12, 2003/06/19 14:52:21
|
|
Line 249 sub handler {
|
Line 249 sub handler {
|
| ## Check permissions |
## Check permissions |
| my $allowed_to_edit = &Apache::lonnet::allowed('mgr', |
my $allowed_to_edit = &Apache::lonnet::allowed('mgr', |
| $ENV{'request.course.id'}); |
$ENV{'request.course.id'}); |
| |
# Only those instructors/tas/whatevers with complete access |
| |
# (not section restricted) are able to modify spreadsheets. |
| my $allowed_to_view = &Apache::lonnet::allowed('vgr', |
my $allowed_to_view = &Apache::lonnet::allowed('vgr', |
| $ENV{'request.course.id'}); |
$ENV{'request.course.id'}); |
| |
if (! $allowed_to_view) { |
| |
$allowed_to_view = &Apache::lonnet::allowed('vgr', |
| |
$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'}); |
| |
# Those who are restricted by section are allowed to view. |
| |
# The routines in lonstatistics which decide which students' |
| |
# will be shown take care of the restriction by section. |
| |
} |
| # |
# |
| # Only those able to view others grades will be allowed to continue |
# Only those able to view others grades will be allowed to continue |
| # if they are not requesting their own. |
# if they are not requesting their own. |
| if (($sheettype eq 'classcalc') || |
if ($sheettype eq 'classcalc') { |
| ($name ne $ENV{'user.name'} ) || |
|
| ($domain ne $ENV{'user.domain'})) { |
|
| if (! $allowed_to_view) { |
if (! $allowed_to_view) { |
| $r->print('<h1>Access Permission Denied</h1>'. |
$r->print('<h1>Access Permission Denied</h1>'. |
| '</form></body></html>'); |
'</form></body></html>'); |
| return OK; |
return OK; |
| } |
} |
| } |
} |
| |
if ((($name ne $ENV{'user.name'} ) || |
| |
($domain ne $ENV{'user.domain'})) && $sheettype ne 'classcalc') { |
| |
# Check that the student is in their section? |
| |
if (exists($ENV{'request.course.sec'}) && |
| |
$ENV{'request.course.sec'} ne '' ) { |
| |
my $stu_sec = &Apache::lonnet::usection($domain,$name, |
| |
$ENV{'request.course.id'}); |
| |
if ($stu_sec ne $ENV{'request.course.sec'}) { |
| |
$r->print |
| |
('<h1>The student requested is not in your section.</h1>'. |
| |
'</form></body></html>'); |
| |
return OK; |
| |
} |
| |
} |
| |
} |
| |
|
| # |
# |
| # Header.... |
# Header.... |
| # |
# |
|
Line 376 ENDSCRIPT
|
Line 398 ENDSCRIPT
|
| } |
} |
| $r->print('<table><tr><td>'.$spreadsheet->html_header().'</td>'. |
$r->print('<table><tr><td>'.$spreadsheet->html_header().'</td>'. |
| '<td valign="bottom">'.$html."</td></tr></table>\n"); |
'<td valign="bottom">'.$html."</td></tr></table>\n"); |
| $r->print(<<END); |
if ($action_message ne '') { |
| |
$r->print(<<END); |
| <table> |
<table> |
| <tr><td valign="top"><b>Last Action:</b></td> |
<tr><td valign="top"><b>Last Action:</b></td> |
| <td> </td> |
<td> </td> |
|
Line 384 ENDSCRIPT
|
Line 407 ENDSCRIPT
|
| </tr> |
</tr> |
| </table> |
</table> |
| END |
END |
| |
} |
| $r->rflush(); |
$r->rflush(); |
| } else { |
} else { |
| $r->print('<table><tr><td>'.$spreadsheet->html_header(). |
$r->print('<table><tr><td>'.$spreadsheet->html_header(). |
![[BACK]](/icons/back.gif){kind=icon}
Return to lonspreadsheet.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface / spreadsheet